Re: question about ipchains on dual interface machine
Josh Rollyson wrote:
> This hypothetical exploit shouldn't be allowed to exist in the first place.
> If you have a service on port 23 vunerable to scriptkiddie.c that service
> needs to be immeadiatly replaced with one not vunerable. A firewall is
> a last line of defense, you should never rely entirely on any one security
> solution.
Agreed completely.. But when you have services you want used internally, but not
externally, that becomes the problem. I should have said that instead of the
exploit situation.
Mike
Reply to: